<h2>Python TCP keepalive on http request</h2>
Posted 2019-05-01.<br />
<h3>The issue</h3>So a while ago, while working on a project, I encountered an endpoint that required some heavy computation to produce its response, and as a result the response usually took a bit more than 5 minutes.<br />
<br />
The examples that existed showcasing the usage of said endpoint were all done with <b>curl</b>.<br />
<br />
So, my turn comes to consume this endpoint and lo and behold! The request hangs. Okay, weird. Let's try <b>curl</b> again. Works fine. Python, nope. Let's check with <b>wget</b> then, no luck.<br />
<br />
In my desperation I tried all the Python libraries I had used in the past (<b>requests</b>, the built-in <b>http.client</b> and <b>aiohttp</b>), obviously setting all the applicable timeouts sky high. Still no luck!<br />
<br />
So what's so special about <b>curl</b>, what did it do that both <b>wget</b> and my Python implementation failed to? <br />
<br />
<br />
<h3>Troubleshooting</h3>Desperate times call for desperate measures, I told myself, and I grabbed my trusty <b>strace</b>, brewed a big ol' cup of coffee and got to work.<br />
<br />
The first thing that is immediately obvious to me is that <code>curl</code> does indeed do something different: <b>strace</b> shows that <b>curl</b> blocks in <b>epoll</b> while both <b>wget</b> and my Python solutions block in <b>select</b>. This gives me a first clue that <b>curl</b> does indeed do 'something else' (TM) besides just waiting for a response, but leaves me with not much more to follow up on.<br />
<br />
I decide to switch context and go from the lowest possible level (for me at least) to my most high-level approach: replicate the Python solutions with insanely high timeouts and monitor their behavior. This yields an interesting result! The target endpoint supports a notation for the client to specify the seconds until the request should time out, but despite my explicitly setting it to 600 seconds (that's 10 minutes) the remote server hasn't sent me (or should I say I haven't gotten ;) ) an explicit timeout for more than 15 minutes. This brings back bad memories ... It uncannily resembles the behavior of a firewall that, instead of rejecting the packets (so the client gets an error), silently filters them; this way the client never explicitly learns that it cannot connect and just waits.<br />
<br />
But the reminder that <b>curl</b> worked perfectly quickly snaps me out of this thought. Time for another coffee (I could use the break anyway)! While I wait for my coffee to brew I start whining to (ehm .. I mean discussing with) a colleague (a SysAdmin) about the issue and my findings. In a heartbeat he suggests a misbehaving firewall. But why? How could <code>curl</code> go through? I still don't get it. It's nearly night and there's a weekend ahead of me, so I call it a day.<br />
<br />
Monday morning I find a set of <b>netstat</b> commands (one run with <b>curl</b> against said endpoint and one with <b>wget</b>) along with their results. Son of a female dog!<br />
<br />
With <b>curl</b>:<br />
<br />
<pre class="prettyprint lang-sh">$ netstat -at --timers
Proto Recv-Q Send-Q Local Address Foreign Address State Timer
.....
tcp 0 0 localMachine:lPort remoteMachine ESTABLISHED keepalive (60/0/0)
.....
</pre><br />
With <code>wget</code>:<br />
<br />
<pre class="prettyprint lang-sh">$ netstat -at --timers
Proto Recv-Q Send-Q Local Address Foreign Address State Timer
.....
tcp 0 0 localMachine:lPort remoteMachine ESTABLISHED off (0.00/0/0)
.....
</pre><br />
So now I know! <b>curl</b> uses a <b>TCP</b>-level <b>keepalive</b>, which means that a <b>TCP</b> packet is transmitted at a fixed interval regardless of whether there is any actual data to transfer. So there is indeed a misconfigured firewall somewhere along the way that chops down long-running connections (anything longer than 5 minutes, as I found out with some troubleshooting) without informing either party that the connection was dropped.<br />
<br />
<h3>And now what ?</h3>So you know what kind of problem you have, but this isn't even half the solution. Unfortunately, I could not find in any of the HTTP libraries I use in Python a reliable way to enable <b>TCP keepalive</b> through their API.<br />
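The workaround is to reach past the library and set the options on the socket itself. The following is an added example (not the post's code) that wraps that idea into a portable helper, an <code>http.client</code> connection class that re-applies it on every connect, and a <code>getsockopt</code> read-back that is the programmatic counterpart of the <code>netstat --timers</code> check above; <code>enable_tcp_keepalive</code>, <code>read_tcp_keepalive</code>, <code>KeepaliveHTTPConnection</code> and <code>loopback_check</code> are this example's own names.

```python
import http.client
import socket
import sys


def enable_tcp_keepalive(sock, idle=60, interval=60, count=100):
    """Turn on keepalive probes on a connected TCP socket.

    idle:     seconds the connection may sit silent before the first probe
    interval: seconds between probes once they start
    count:    unanswered probes before the kernel declares the peer dead

    Returns the names of the options actually applied, because the timer knobs
    are platform specific: Linux has TCP_KEEPIDLE, macOS calls the same thing
    TCP_KEEPALIVE, Windows takes the timers through an ioctl.  If only
    SO_KEEPALIVE comes back, the OS defaults (often 2 hours) are in effect,
    which would not survive the 5 minute cut-off described in the post.
    """
    applied = ["SO_KEEPALIVE"]
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
    if sys.platform == "win32":
        # (onoff, idle_ms, interval_ms); the probe count is not tunable here
        sock.ioctl(socket.SIO_KEEPALIVE_VALS, (1, idle * 1000, interval * 1000))
        applied.append("SIO_KEEPALIVE_VALS")
        return applied
    idle_name = "TCP_KEEPIDLE" if hasattr(socket, "TCP_KEEPIDLE") else "TCP_KEEPALIVE"
    for name, value in ((idle_name, idle), ("TCP_KEEPINTVL", interval), ("TCP_KEEPCNT", count)):
        opt = getattr(socket, name, None)
        if opt is not None:
            sock.setsockopt(socket.IPPROTO_TCP, opt, value)
            applied.append(name)
    return applied


def read_tcp_keepalive(sock):
    """Read the effective keepalive settings back from the kernel.

    SO_KEEPALIVE == 1 is what makes the Timer column of `netstat -at --timers`
    say `keepalive` instead of `off`; the other keys are only reported on
    platforms that expose the timers through getsockopt.
    """
    settings = {"SO_KEEPALIVE": sock.getsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE)}
    if sys.platform == "win32":
        return settings
    for name in ("TCP_KEEPIDLE", "TCP_KEEPALIVE", "TCP_KEEPINTVL", "TCP_KEEPCNT"):
        opt = getattr(socket, name, None)
        if opt is not None:
            settings[name] = sock.getsockopt(socket.IPPROTO_TCP, opt)
    return settings


class _KeepaliveMixin:
    """Re-apply the options inside connect(), so a reconnect does not silently lose them."""

    keepalive = {"idle": 60, "interval": 60, "count": 100}

    def connect(self):
        super().connect()
        self.keepalive_applied = enable_tcp_keepalive(self.sock, **self.keepalive)


class KeepaliveHTTPConnection(_KeepaliveMixin, http.client.HTTPConnection):
    pass


class KeepaliveHTTPSConnection(_KeepaliveMixin, http.client.HTTPSConnection):
    # self.sock is an SSLSocket after connect(); setsockopt still reaches the TCP socket
    pass


def loopback_check(idle=30, interval=10, count=5):
    """Connect a KeepaliveHTTPConnection to a throw-away listener on 127.0.0.1
    (no HTTP is exchanged) and return what the kernel reports for the client socket."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    try:
        conn = KeepaliveHTTPConnection("127.0.0.1", listener.getsockname()[1], timeout=5)
        conn.keepalive = {"idle": idle, "interval": interval, "count": count}
        conn.connect()
        try:
            return read_tcp_keepalive(conn.sock)
        finally:
            conn.close()
    finally:
        listener.close()


if __name__ == "__main__":
    print(loopback_check())
```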
<br />
<h3>Show me the code !</h3>I took the simplest and most 'core' solution here because it's easier for showcasing the approach; the same logic applies with any other library.<br />
<br />
<pre class="prettyprint lang-py">import http.client
import socket

host = "remote.example"  # placeholder for the remote host
# construct your headers; maybe add a keepalive header here to avoid the remote server closing the connection
headers = {}
# create your connection object
conn = http.client.HTTPSConnection(host, timeout=600)
conn.connect()
# Now you will need to access the socket object of your connection; how you access this will vary depending on the library you use
s = conn.sock
# Set the following socket options (feel free to play with the values to find what works best for you)
# SO_KEEPALIVE: 1 => Enable TCP keepalive
# TCP_KEEPIDLE: 60 => Seconds the connection may sit idle before the first keepalive probe is sent (Linux name; macOS calls it TCP_KEEPALIVE)
# TCP_KEEPINTVL: 60 => Seconds between successive keepalive probes
# TCP_KEEPCNT: 100 => Unanswered probes before the kernel gives up on the connection
s.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
s.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, 60)
s.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPINTVL, 60)
s.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPCNT, 100)
# a GET carries no body, so only the headers are passed
conn.request("GET", "/endpoint", headers=headers)
response = conn.getresponse()
data = response.read()
</pre>
<h2>[CVE-2018-1000814] Session reuse on aiohttp-session prior to 2.7.0</h2>
Posted 2019-01-17.<br />
On Oct 08 2018 a session reuse vulnerability was discovered in aiohttp-session (and disclosed in <a href="https://github.com/aio-libs/aiohttp-session/issues/325" target="_blank">aiohttp-session#325</a>). It falls under <a href="https://cwe.mitre.org/data/definitions/287.html" target="_blank">CWE-287</a> (Improper Authentication) and is caused by the library's reliance on the storage backend for session data expiry.<br />
<br />
Because of this reliance, storage backends with inherent expiry like Redis or Memcached were not vulnerable. On backends that rely solely on the cookie for storage, like EncryptedCookieStorage and NaClCookieStorage, however, it is possible for a malicious client to re-create a cookie with the same session data. This effectively provides sessions with infinite lifetime, defeating the purpose of session expiry, which is to minimize the attack window on the most vulnerable part of an application's authentication: the session transfer.<br />
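To see why a cookie-only backend must enforce expiry itself, here is a toy model added for this post (not aiohttp-session's code; it signs the cookie with a stdlib HMAC where the library encrypts with NaCl or Fernet): the cookie carries the whole session plus a <code>created</code> timestamp, and the two loaders differ only in whether that timestamp is checked against <code>max_age</code>. The names <code>make_cookie</code>, <code>load_session_no_expiry</code> and <code>load_session_with_expiry</code> are this example's own.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key for the example; the library derives its own NaCl/Fernet key.
SECRET_KEY = b"constructed-demo-key-do-not-reuse"
MAX_AGE = 3600  # seconds a session may live, counted from its creation


def _mac(body: str) -> str:
    return hmac.new(SECRET_KEY, body.encode(), hashlib.sha256).hexdigest()


def make_cookie(created: int, data: dict) -> str:
    """Cookie-only backend: the cookie *is* the storage, nothing is kept server side."""
    payload = json.dumps({"created": created, "session": data}).encode()
    body = base64.urlsafe_b64encode(payload).decode()
    return f"{body}.{_mac(body)}"


def parse_cookie(cookie: str):
    """Return the payload if the MAC verifies, else None (missing or tampered cookie)."""
    if not cookie or "." not in cookie:
        return None
    body, tag = cookie.rsplit(".", 1)
    if not hmac.compare_digest(tag, _mac(body)):
        return None
    return json.loads(base64.urlsafe_b64decode(body))


def load_session_no_expiry(cookie: str, now: int):
    """Pre-2.7.0 behaviour as the post describes it: any cookie that still verifies
    is a live session, however old it is.  Redis or Memcached would have expired
    the data server side; here nothing ever does, so the same cookie can be
    replayed forever."""
    payload = parse_cookie(cookie)
    return None if payload is None else payload["session"]


def load_session_with_expiry(cookie: str, now: int, max_age: int = MAX_AGE):
    """Hardened model: the store enforces max_age itself from the embedded
    timestamp, so a replayed cookie is rejected once it is older than max_age."""
    payload = parse_cookie(cookie)
    if payload is None or now - payload["created"] > max_age:
        return None
    return payload["session"]
```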
<br />
On Oct 13 2018 the vulnerability was patched with <a href="https://github.com/aio-libs/aiohttp-session/pull/331" target="_blank">aiohttp-session#331</a> and <a href="https://github.com/aio-libs/aiohttp-session/releases/tag/v2.7.0" target="_blank">aiohttp-session v2.7.0 was released</a>.<br />
<br />
Finally on Dec 20 2018 this vulnerability was assigned <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000814" target="_blank">CVE-2018-1000814</a>.<br />
<br />
<h4>
Side effects</h4>
The applied patch (#331) does have a side effect: it breaks the library's implicit behavior of creating 'idle sessions'. So if you are <b>not using one of the vulnerable backends</b> and rely on aiohttp-session for idle sessions, your best bet is to pin your dependency to aiohttp-session==2.6.0 until a fix is released.<br />
<br />
<br />
<h4>
Other references</h4>
<a href="https://vuldb.com/?id.128146" target="_blank">VulDB</a><br />
<a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1000814" target="_blank">NVD/NIST</a><br />
<br />
<h2>[CVE-2018-1000519] Session Fixation on aiohttp-session prior to 2.4.0</h2>
Posted 2018-06-25.<br />
<blockquote class="tr_bq">
tl;dr If you are using a version of aiohttp-session prior to 2.4.0 update!</blockquote>
<br />
On Apr 30 2018 a session fixation vulnerability was discovered in aiohttp-session, caused by improper session (in)validation. A detailed description of the vulnerability, steps to reproduce and proof-of-concept code can be found at <a href="https://github.com/aio-libs/aiohttp-session/issues/272" target="_blank">aiohttp-session#272</a>.<br />
<br />
The gist of it is that when invalidating a session, its value was set to `{}`. However, when validating a session (i.e. loading it), the session was considered valid if its value was `!= None`.<br />
<br />
This could allow a malicious actor to acquire a session, invalidate it, inject the cookie into a victim's browser (before the victim authenticates) and then control the victim's session after the victim authenticates (by knowing the session cookie's value).<br />
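The invalidate/load mismatch and the login-time fix read more clearly in code. The following is a toy in-memory model added here (not aiohttp-session's implementation), with a <code>fixed</code> flag switching between the behaviour the post describes and the hardened one, plus a regression check that plays through the scenario above; <code>SessionStore</code> and <code>invalidated_id_survives_login</code> are this example's names.

```python
import secrets


class SessionStore:
    """Toy id-keyed backend (cookie = opaque session id, data kept server side).

    fixed=False reproduces the pre-2.4.0 behaviour the post describes:
    invalidate() wrote {} under the same id and load() accepted any stored
    value that was != None, so the id the attacker already knew stayed valid.
    fixed=True removes the entry on invalidation and mints a fresh id at login.
    """

    def __init__(self, fixed: bool):
        self.fixed = fixed
        self._data = {}

    def new_session(self) -> str:
        sid = secrets.token_hex(16)
        self._data[sid] = {}
        return sid

    def load(self, cookie):
        """Return the session id this request will use."""
        if cookie is not None and self._data.get(cookie) is not None:  # the `!= None` test
            return cookie
        return self.new_session()

    def invalidate(self, sid):
        if self.fixed:
            self._data.pop(sid, None)   # nothing left to load, so the next load() mints a new id
        else:
            self._data[sid] = {}        # {} != None, so the same id still loads as "valid"

    def login(self, cookie, user) -> str:
        """Authenticate the client holding `cookie`; returns the id it ends up with."""
        sid = self.load(cookie)
        if self.fixed:
            sid = self.new_session()    # explicit new session at login, as the API later allowed
        self._data[sid]["user"] = user
        return sid

    def user_for(self, sid):
        return self._data.get(sid, {}).get("user")


def invalidated_id_survives_login(store: SessionStore) -> bool:
    """Regression check for the scenario in the post: does an id that was issued,
    then invalidated, end up bound to whoever logs in while presenting it?"""
    sid = store.load(None)                   # an id is issued to one client
    store.invalidate(sid)                    # ...and invalidated
    final_sid = store.login(sid, "victim")   # a second client later presents that id and logs in
    return final_sid == sid and store.user_for(sid) == "victim"
```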
<br />
On May 4 2018 the vulnerability was patched (with <a href="https://github.com/aio-libs/aiohttp-session/pull/273" target="_blank">aiohttp-session#273</a>) and <a href="https://github.com/aio-libs/aiohttp-session/releases/tag/v2.4.0" target="_blank">aiohttp-session v2.4.0 was released</a>.<br />
<br />
On May 12 2018 aiohttp-session's API (and documentation) was expanded to allow explicit acquisition of a new session (to be used in login functions) to safeguard against Session Fixation vulnerabilities in user code.<br />
<br />
Finally on Jun 22 2018 this vulnerability was assigned <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000519" target="_blank">CVE-2018-1000519</a>.<br />
<h2>Kali Linux on Android (Feb 2017)</h2>
Posted 2017-02-12.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://www.kali.org/wp-content/uploads/2015/02/kali-wallpaper-2015-v1.1.0.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://www.kali.org/wp-content/uploads/2015/02/kali-wallpaper-2015-v1.1.0.png" width="320" /></a></div>
<br />
So a few months back (Sept. 2016) I wrote <a href="http://www.panagiks.com/2016/09/installing-kali-linux-on-android.html">a piece</a> here about installing Kali Linux on an Android device. Unfortunately that guide is no longer valid, as Kali Sana, the branch of Kali on which it was based, has been deprecated and removed from the official repositories; it is only available on backup repositories and is set to be removed from those too in the near future. So a new challenge appeared. The obvious route was to check whether Linux Deploy's out-of-the-box method was working this time. But again there were a few quirks prohibiting a smooth installation and execution. So this is an updated guide, as of Feb. 2017, on how to install and launch Kali Linux on an Android mobile device. You will notice that a lot of the steps are the same; that's because the base approach is the same and only a few details had to change.<br />
<h2>
<u>The Requirements</u></h2>
<ul>
<li>A <u><b>ROOTED</b></u> Android smartphone (Tested on Android 4.4.4, MTK6752)</li>
<li>A 16 GB <u><b>class 10</b></u> SD card (It should work with internal storage somehow but haven't tested) </li>
<li><a href="https://play.google.com/store/apps/details?id=ru.meefik.linuxdeploy">Linux Deploy</a></li>
<li><a href="https://play.google.com/store/apps/details?id=jackpal.androidterm&hl=en">Terminal Emulator</a> </li>
<li><a href="https://play.google.com/store/apps/details?id=ru.meefik.busybox">BusyBox</a></li>
<li><a href="https://play.google.com/store/apps/details?id=com.buak.Link2SD">Link2SD</a> </li>
<li>(Optional) An ssh app (I used <a href="https://play.google.com/store/apps/details?id=org.connectbot">ConnectBot</a>)</li>
</ul>
<h2>
<u>Preparation</u></h2>
<ol>
<li>Partition the SD and format each partition (<u><b>THIS WILL DELETE YOUR DATA</b></u>). You'll need:</li>
<ul>
<li>1st Partition 512 MB formatted in FAT32</li>
<li>2nd Partition the rest of the SD formatted in EXT2</li>
</ul>
<li>Install the apps listed above</li>
<li>Open Link2SD</li>
<li>You should be greeted by this screen</li>
<ol>
<li><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiayfJ5xOI54g4up5QC080ZfXjSFQsaYlorkLpuaRy5fFyU1oOb15fE58aP3wrfFon_6csVWvLdSdFWlexmnlca5pGbgq1khuK96vOPYdGUyKxE_uoslAwQ0lYz402B6sTTbfyhRm_7_zC/s1600/Screenshot_2016-09-04-23-53-32.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiayfJ5xOI54g4up5QC080ZfXjSFQsaYlorkLpuaRy5fFyU1oOb15fE58aP3wrfFon_6csVWvLdSdFWlexmnlca5pGbgq1khuK96vOPYdGUyKxE_uoslAwQ0lYz402B6sTTbfyhRm_7_zC/s320/Screenshot_2016-09-04-23-53-32.png" width="180" /></a></div>
</li>
<li>Select ext2 and press ok</li>
<li>When prompted reboot your device </li>
</ol>
<li>Open BusyBox</li>
<ol>
<li>Press INSTALL</li>
</ol>
</ol>
<h2>
<span style="font-weight: normal;"></span><u><b>Installation</b></u></h2>
<ol>
<li>Open Linux Deploy (From here on ensure constant Wifi connection and power)</li>
<ol>
<li>Press your phone's menu button</li>
<li>Press status</li>
<li>Under Available mount point there should be something like /data/sdext2, make note of that.</li>
<li>Press the button on the right (looks like a download icon)</li>
<li>In Distribution select Kali Linux</li>
<li>In Distribution Suite select kali-rolling</li>
<li>In Architecture select armhf </li>
<li>In Installation type select Directory</li>
<li>In Installation Path type in the path you took note of before</li>
<li>(Optional) Change Username & Password</li>
<li>Set DNS server to 8.8.8.8 (Google's Public DNS server) since the default tends to fail</li>
<li>Set Localization to en_US.UTF-8</li>
<li>Under the Init Menu check enable</li>
<li>Under Init System choose sysv</li>
<li>Under SSH check enable</li>
<li>Under SSH Settings > SSH options write the following</li>
<ol>
<li>ServerAliveInterval 15</li>
<li>This will ensure the connection doesn't time out during the installation of packages, which can take hours.</li>
</ol>
<li>(Optional) Enable GUI options like VNC (won't get into it here)</li>
<li>Press Menu > Install</li>
<li>This might take a while ...</li>
<li>When you see "<<<install" on Linux Deploy's logs the installation has finished</li>
<li>Press Menu > Configure </li>
<li>(If there was no error your system is now ready to boot).</li>
<li>Here's where things change. DON'T PRESS START!</li>
<li>Exit Linux Deploy by pressing the App's menu button and then Exit.</li>
<li>Open Terminal Emulator</li>
<ol>
<li><pre class="prettyprint lang-bsh">su</pre>
</li>
<li><pre class="prettyprint lang-bsh">/data/data/ru.meefik.linuxdeploy/bin/linuxdeploy shell</pre>
</li>
<li><pre class="prettyprint lang-bsh">service ssh start</pre>
</li>
<li><pre class="prettyprint lang-bsh">exit</pre>
</li>
<li><pre class="prettyprint lang-bsh">exit</pre>
</li>
<li>This should Start Kali </li>
</ol>
<li>After every restart of the mobile device Kali has to start as demonstrated in the previous step (will provide automation script in following article)</li>
<li>I have yet to find how to stop Kali without rebooting the device (which is what Linux Deploy does when you press stop). If anyone has any ideas feel free to drop a comment</li>
</ol>
<li>Now from ConnectBot ssh to yourusername@localhost </li>
<ol>
<li><pre class="prettyprint lang-bsh">sudo apt-get update</pre>
</li>
<li><pre class="prettyprint lang-bsh">sudo apt-get dist-upgrade</pre>
</li>
<li>(if prompted)<pre class="prettyprint lang-bsh">sudo apt-get autoremove</pre>
</li>
<li><pre class="prettyprint lang-bsh">sudo apt-get install kali-linux-full</pre>
</li>
<li>PATIENCE, since this will download around 4GB of data</li>
<li>The above is the most error prone part of the process. Ensure <u><b>CONSTANT</b></u> internet access and <u><b>UNINTERRUPTED</b></u> power to the mobile device. </li>
</ol>
<li> If everything went right you should now have a working setup of Kali Linux on your Android phone</li>
<li>(Optional) If you don't need to SSH into your mobile's Kali from another device, consider limiting SSH access to localhost only.</li>
</ol>
Hope this helps a few people skip a bit of the frustration. Have fun!<br />
<br />
<u>Disclaimer:</u> Make sure you understand what you are doing and follow the above AT YOUR OWN RISK. I had no problem during the above procedure, carried out multiple times on a couple devices, this isn't to say that problems cannot occur.<br />
<h2>How to change GitHub repo's preview image (sort of)</h2>
Posted 2017-01-15.<br />
Do you like having a photo of yourself as your GitHub avatar but hate having it pop up as the preview when you post a repo on social media? Read on!<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-jtJVRZ48sc8C17ihqB9Nbw1WBN_ECSwLPktrkHvUNw8qlK1jxdd_-vj9sqJ8BK6twhyphenhyphenzx6TWTuVckYuHEccxqqtY2N309eZmSYbOf6tlcVUNopyDKSUj59PghxtAOLM4xRpPdijg5HN4/s1600/ghpreview.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-jtJVRZ48sc8C17ihqB9Nbw1WBN_ECSwLPktrkHvUNw8qlK1jxdd_-vj9sqJ8BK6twhyphenhyphenzx6TWTuVckYuHEccxqqtY2N309eZmSYbOf6tlcVUNopyDKSUj59PghxtAOLM4xRpPdijg5HN4/s320/ghpreview.png" width="314" /></a></div>
<br />
<br />
First things first, let me explain the "(sort of)" part of the title. Since there is no officially supported way from GitHub, at the time of writing, to achieve the desired result, the process described is a workaround, a hack, and thus entails a trade-off: you have to use a custom URL, so anyone sharing the URL of your repo directly will still get the original preview image.<br />
<br />
To achieve our goal we are going to utilize GitHub's project page generator that will generate a URL in the form : <username>.github.io/<repoName> (and this will be the link you will be sharing instead of the direct repo link that would be github.com/<username>/<repoName>). To better understand the process, we will see a general and an applied example in parallel. So in our case we will take one of my GitHub repos as an example <a href="https://github.com/panagiks/RSPET">github.com/panagiks/RSPET</a> and the generated link will be <a href="https://panagiks.github.io/RSPET">panagiks.github.io/RSPET</a>.<br />
<br />
<h4>
<u>GitHub's Project page generator</u></h4>
GitHub provides a few ways to generate project pages, but for the purpose of this post we'll go with the gh-pages branch approach. First, create a new branch in your repo named "gh-pages" (no quotes) and empty it (delete any and all files that were in the source branch). Now create an empty file in the root of the newly created branch named "index.html". Then go to the repo's settings page and scroll down to the "GitHub Pages" section. There, in the "Source" section, you should see "gh-pages branch" selected in the drop-down menu; if not, select it.<br />
<br />
<h4>
<u>Populating index.html</u></h4>
The point is to create a webpage that has the appropriate "meta" tags for social media to present it as if it were your GitHub repo, changing only the tags that correspond to the preview image. First make sure that you have uploaded the desired (new) preview image to a CDN (Content Distribution Network). I prefer Flickr for this because it's free, you can easily keep all your images in one place and have them resized, but feel free to use any CDN you prefer; the only thing that matters is that you have a URL pointing to the image. First is our example for <a href="https://github.com/panagiks/RSPET">github.com/panagiks/RSPET</a> and following is the head section of the general index.html:<br />
<br />
In the body of index.html we only want it to redirect to the actual GitHub repo, to do that we do the following:<br />
<br />
<script src="https://gist.github.com/panagiks/412eccd3d9c97f2c0eeac34d16e49cca.js"></script><br />
<br />
<h4>
<u>Final Notes</u></h4>
A helpful tool is <a href="https://developers.facebook.com/tools/debug/sharing">Facebook's debug tool</a>, from which you can see how Facebook will load and display your link as well as force its scraper to rescrape your link. Finally, I intend to write a small script that will automatically generate the above "index.html" for any given GitHub repo, so stay tuned!<br />
<br />
<h4>
<u>Edit</u></h4>
As promised, here's <a href="https://panagiks.github.io/RGHPI/">RGHPI</a>, a script to automate the HTML generation step :)<br />
<h2>Liked Elliot's one-tap command execution? Here you go!</h2>
Posted 2016-09-09.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://cdn2.hubspot.net/hub/421408/hubfs/Screen-Shot-pwn-phone.jpg?t=1473274941502&width=640&height=400&name=Screen-Shot-pwn-phone.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="200" src="https://cdn2.hubspot.net/hub/421408/hubfs/Screen-Shot-pwn-phone.jpg?t=1473274941502&width=640&height=400&name=Screen-Shot-pwn-phone.jpg" width="320" /></a></div>
<br />
Did you like the way Elliot executed a PenTesting tool just by tapping a shortcut on his home screen? Well, I'm going to show you how to do this yourself. Now, there are a couple of ways this can be done, but the approach we're going to take here presumes you have <a href="http://www.panagiks.com/2016/09/installing-kali-linux-on-android.html">a working installation of Kali Linux on your Android</a>. Without further delay, let's get to it!<br />
<h2>
<u>The Requirements</u></h2>
<ol>
<li>A working installation of Kali Linux on your Android smartphone (<a href="http://www.panagiks.com/2016/09/installing-kali-linux-on-android.html">as shown here</a>)</li>
<li><a href="https://play.google.com/store/apps/details?id=org.connectbot&hl=en">ConnectBot</a> ssh client for Android</li>
<li><a href="https://play.google.com/store/apps/details?id=net.dinglisch.android.taskerm&hl=en">Tasker</a> for Android (Yes, I know, it costs 3<span class="_Tgc">€</span>)</li>
</ol>
<h2>
<u>Preparation</u></h2>
<ol>
<li>First we have to do away with the password requirement during SSH log-in</li>
<ol>
<li>To do that we will use ssh keys instead</li>
<li>Open Linux Deploy (Make sure you have Kali's profile selected)</li>
<li>Press "Start" </li>
<li>Open ConnectBot</li>
<li>Press your phone's menu button</li>
<li>Select "Manage Pubkeys"</li>
<li>You should see an empty screen (If you haven't already created another key, that is)</li>
<li>Press your phone's menu button</li>
<li>Select Generate</li>
<li>Give a unique nickname to your key</li>
<li>Select type and strength (I used RSA, 4096 bits)</li>
<li><u><b>Leave the password blank</b></u></li>
<li>Select "Load key on start"</li>
<li>Now a key should appear in the previously empty screen</li>
<li>Now we need to export the public key in order to provide it to the guest OS</li>
<li>Long press on the key we just generated</li>
<li>Select copy public key</li>
<li>Now the public key is in the clipboard</li>
<li>Go back and ssh into kali (with your password)</li>
<li>Now in Kali run the following</li>
<ol>
<li><pre class="prettyprint lang-bsh">mkdir ~/.ssh</pre>
</li>
<li><pre class="prettyprint lang-bsh">nano ~/.ssh/authorized_keys</pre>
</li>
<li>Long press on the screen and paste the public key</li>
<li>Send Ctrl+O </li>
<ol>
<li>Tap once on the screen a small bar appears just above the keyboard</li>
<li>On the far left there is a button that says ctrl, keep pressing that</li>
<li>Press O from the on-screen keyboard</li>
<li>You will be prompted for a file name just press enter</li>
</ol>
<li>Send Ctrl+X (the same way as Ctrl+O)</li>
<li><pre class="prettyprint lang-bsh">sudo service ssh restart</pre>
</li>
<li>Press your phone's menu button</li>
<li>Select Disconnect </li>
</ol>
</ol>
<li>Second is the log-in automation and command execution </li>
<ol>
<li>On ConnectBot </li>
<li>Type android@localhost in the field below and press Enter (this will create a new profile)</li>
<li>You will be taken to the log-in prompt; ignore it and go back to ConnectBot's main screen</li>
<li>Long press on the profile that reads android@localhost</li>
<li>Select Edit host</li>
<li>In this example we will create a simple nmap execution</li>
<li>So change the nickname to nmap (be careful to give each profile a <b><u>unique</u></b> nickname)</li>
<li>Select Use pubkey authentication</li>
<li>In the prompt select the key we created earlier</li>
<li>Select Post-login automation (here you will write the commands the shortcut will execute)</li>
<li>For our example </li>
<ol>
<li><pre class="prettyprint lang-bsh">nmap 192.168.1.0/24</pre>
</li>
<li>Add a new line in the end (i.e. press Enter) </li>
</ol>
<li> Press ok</li>
<li>Now to test it go back to ConnectBot's main screen and tap on the profile named nmap</li>
<li>If everything was done correctly it will log-in automatically and run an nmap scan on the 192.168.1.0/24 subnet</li>
</ol>
<li>And third is the home screen shortcut</li>
<ol>
<li>Open Tasker</li>
<li>Go to the Tasks tab</li>
<li>Press the + Sign</li>
<li>Name your task (this name will show on the home screen) </li>
<li>In Task edit press the + sign </li>
<li>Select System</li>
<li>Select send Intent</li>
<ol>
<li>Action : android.intent.action.VIEW</li>
<li>Cat : Default</li>
<li>Data : ssh://android@localhost/#nmap (in the position of nmap you put the ConnectBot profile you want to use each time)</li>
<li>Target : Activity</li>
</ol>
<li>Go back to Task edit</li>
<li>Press the play button (this will run the macro) </li>
<li>If everything was done correctly you will see ConnectBot opening logging into Kali and executing the nmap scan we set earlier</li>
<ol>
<li>If a prompt appears about what app to use select ConnectBot and press <u><b>Always</b></u></li>
</ol>
<li>Go to your home screen</li>
<li>Go to your add widget menu</li>
<li>Select Task Shortcut</li>
<li>Place the widget on the screen</li>
<li>Tasker will open</li>
<li>From Task Selection select nmap (or the task you want to add)</li>
<li>Press the menu-like icon on the lower-right corner to select an icon</li>
<li>Select the icon you prefer</li>
<li>Press back</li>
<li>You should now be able to see the icon you selected earlier on the screen</li>
<li>Tap it</li>
<li>If everything went well it will open ConnectBot log into Kali and execute the nmap command we set up earlier.</li>
</ol>
</ol>
<h2>
<u>Limitations/Considerations</u></h2>
<br />
Unfortunately this method doesn't come without its flaws. For starters, Kali Linux has to be manually started through Linux Deploy (although it should be possible to make a one-tap task to automate that too, so if anyone reading this has done it please leave a comment below). Secondly, if you close Tasker (not just exit the interface, but close it by selecting Disable), tapping the shortcuts will do nothing, so you will have to keep Tasker running.<br />
<br />
Hope you found this guide helpful and easy to follow; if you have any suggestions/additions/corrections feel free to leave a comment below.<br />
<h2>Installing Kali Linux on an Android smartphone</h2>
Posted 2016-09-05 (updated 2017-02-02).<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivYiILUWUv5UnTtc2reoizxBrJaAOcJTYu0gjQbgBQ7a2jT8zvTald-z7sJhMnHw8bkQWgsCBQVNkUYh6vK2NFqw0DZf114WC3Q9eJzpYx0w7y-Ir-Ca3WqloP1JSuLpg5S4H_rLiwZZpS/s1600/Screenshot_2016-09-03-14-10-15.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivYiILUWUv5UnTtc2reoizxBrJaAOcJTYu0gjQbgBQ7a2jT8zvTald-z7sJhMnHw8bkQWgsCBQVNkUYh6vK2NFqw0DZf114WC3Q9eJzpYx0w7y-Ir-Ca3WqloP1JSuLpg5S4H_rLiwZZpS/s320/Screenshot_2016-09-03-14-10-15.png" width="180" /></a></div>
<h2>
<u>The problem</u></h2>
At the time of writing a lot of the HOW-TOs available online, including <a href="https://www.kali.org/tutorials/kali-linux-android-linux-deploy/">Offensive Security's own guide</a>, simply do not work. This post aims to guide anyone trying to install Kali Linux on their Android smartphone.<br />
<h2>
<u>The Requirements</u></h2>
<ul>
<li>A <u><b>ROOTED</b></u> Android smartphone (Tested on Android 4.4.4, MTK6752)</li>
<li>A 16 GB <u><b>class 10</b></u> SD card (It should work with internal storage somehow but haven't tested) </li>
<li><a href="https://play.google.com/store/apps/details?id=ru.meefik.linuxdeploy">Linux Deploy</a></li>
<li><a href="https://play.google.com/store/apps/details?id=ru.meefik.busybox">BusyBox</a></li>
<li><a href="https://play.google.com/store/apps/details?id=com.buak.Link2SD">Link2SD</a> </li>
<li>(Optional) An ssh app (I used <a href="https://play.google.com/store/apps/details?id=org.connectbot">ConnectBot</a>)</li>
<li>(Optional) A VNC viewer app (I used <a href="https://play.google.com/store/apps/details?id=com.realvnc.viewer.android">VNC Viewer</a>) </li>
</ul>
<h2>
<u>Preparation</u></h2>
<ol>
<li>Partition the SD and format each partition (<u><b>THIS WILL DELETE YOUR DATA</b></u>). You'll need:</li>
<ul>
<li>1st Partition 512 MB formatted in FAT32</li>
<li>2nd Partition the rest of the SD formatted in EXT2</li>
</ul>
<li> Install the APPs listed above</li>
<li>Open Link2SD</li>
<li>You should be greeted by this screen</li>
<ol>
<li><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiayfJ5xOI54g4up5QC080ZfXjSFQsaYlorkLpuaRy5fFyU1oOb15fE58aP3wrfFon_6csVWvLdSdFWlexmnlca5pGbgq1khuK96vOPYdGUyKxE_uoslAwQ0lYz402B6sTTbfyhRm_7_zC/s1600/Screenshot_2016-09-04-23-53-32.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiayfJ5xOI54g4up5QC080ZfXjSFQsaYlorkLpuaRy5fFyU1oOb15fE58aP3wrfFon_6csVWvLdSdFWlexmnlca5pGbgq1khuK96vOPYdGUyKxE_uoslAwQ0lYz402B6sTTbfyhRm_7_zC/s320/Screenshot_2016-09-04-23-53-32.png" width="180" /></a></div>
</li>
<li>Select ext4 and press ok</li>
<li>When prompted reboot your device </li>
</ol>
<li>Open BusyBox</li>
<ol>
<li>Press INSTALL</li>
</ol>
</ol>
<h2>
<u><b>Installation</b></u></h2>
<h3>
<u>Update 2/2/17</u></h3>
The 'sana' suite has now been removed from Kali's repositories and kali-rolling installs correctly.<br />
<ol>
<li>Open Linux Deploy (From here on ensure constant Wifi connection and power)</li>
<ol>
<li>Press your phone's menu button</li>
<li>Press status</li>
<li>Under Available mount point there should be something like /data/sdext2; make a note of that path.</li>
<li>Press the button on the right (looks like a download icon)</li>
<li>In Distribution select Kali Linux</li>
<li>In Distribution Suite select kali-rolling</li>
<li>In Architecture select armhf</li>
<li>In Installation type select Directory</li>
<li>In Installation Path type in the path you took note of before</li>
<li>(Optional, but recommended: sshd will be reachable by anyone on your Wi-Fi network) Change Username &amp; Password</li>
<li>Set DNS server to 8.8.8.8 (Google's Public DNS server) since the default tends to fail</li>
<li>Finally, set Localization to en_US.UTF-8</li>
<li><br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrYoWJJF2NAPN91CgOe3p3kbBTIpYJ0cFVJUPVR8YZCaozZli91CW6hiCqRl4BnfraFWpJP7NxOyxh_lzN5NA2lY126PcWs60xhS6uFIxTEaEYL5ArQYvsCxmqGYelgWU7-mxb35-i7tyJ/s1600/Screenshot_2016-09-05-00-06-44.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrYoWJJF2NAPN91CgOe3p3kbBTIpYJ0cFVJUPVR8YZCaozZli91CW6hiCqRl4BnfraFWpJP7NxOyxh_lzN5NA2lY126PcWs60xhS6uFIxTEaEYL5ArQYvsCxmqGYelgWU7-mxb35-i7tyJ/s320/Screenshot_2016-09-05-00-06-44.png" width="180" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
</li>
<li>Make sure in Select Components that Kali Components <u><b>IS NOT SELECTED</b></u></li>
<li>Press Install</li>
<li>This might take a while ...</li>
<li>When you see "&lt;&lt;&lt;install" in Linux Deploy's log, the installation has finished</li>
<li>(If there was no error your system is now ready to boot).</li>
<li>Press Start </li>
<li>Press Ok</li>
<li>You should see something like this</li>
<li><br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjJB63XHTgVzqzVMuerRex9wtDZ1GsWNOnSqf3ozmBjnSd8OXLl8WpJNX57CcKZ0nBXt-HXtAyE_LzjIClQWvbSVSRPqETy5gNOY-i0sNwpnplU0VE2-Rjz4YON8KnMM7NSNPySzbRApl-/s1600/Screenshot_2016-09-05-00-13-28.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjJB63XHTgVzqzVMuerRex9wtDZ1GsWNOnSqf3ozmBjnSd8OXLl8WpJNX57CcKZ0nBXt-HXtAyE_LzjIClQWvbSVSRPqETy5gNOY-i0sNwpnplU0VE2-Rjz4YON8KnMM7NSNPySzbRApl-/s320/Screenshot_2016-09-05-00-13-28.png" width="180" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
</li>
<li>If you see a lot of "skip" entries instead, something went wrong during the installation</li>
</ol>
<li>Now, from ConnectBot (or a machine on your local network), ssh to <code>yourusername@</code> followed by the IP address shown at the top of Linux Deploy (in this case <code>xxxx@192.168.1.2</code>)</li>
<ol>
<li><pre class="prettyprint lang-bsh">sudo dpkg-reconfigure locales</pre>
</li>
<li><pre class="prettyprint lang-bsh">sudo locale-gen</pre>
</li>
<li><pre class="prettyprint lang-bsh">sudo nano /etc/apt/sources.list</pre>
</li>
<li>Delete all its contents and replace them with the following. The mirrors are plain http, so it is apt's signature check on the Release file that authenticates the packages: if <code>apt-get update</code> complains about a missing key, fix the keyring rather than passing <code>--allow-unauthenticated</code>.</li>
<li><pre class="prettyprint">deb http://http.kali.org/kali/ kali-rolling main contrib non-free
deb-src http://http.kali.org/kali/ kali-rolling main contrib non-free
deb http://security.kali.org/kali-security kali-current/updates main contrib non-free
deb-src http://security.kali.org/kali-security kali-current/updates main contrib non-free</pre></li>
<li>Send Ctrl+O (to save the file)</li>
<li>Send Ctrl+X (to exit nano)</li>
<li><pre class="prettyprint lang-bsh">sudo apt-get update</pre>
</li>
<li><pre class="prettyprint lang-bsh">sudo apt-get dist-upgrade</pre>
</li>
<li>(if prompted)<pre class="prettyprint lang-bsh">sudo apt-get autoremove</pre>
</li>
<li><pre class="prettyprint lang-bsh">sudo apt-get install kali-linux-full</pre>
</li>
<li>PATIENCE, since this will download around 4GB of data</li>
</ol>
<li>If everything went right you should now have a working setup of Kali Linux on your Android phone.</li>
</ol>
Hope this helps a few people skip a bit of the frustration. Have fun!<br />
<br />
<u>Clarification:</u> There is a reason behind selecting the sana suite (initially) and then changing the deb sources to kali-rolling (and kali-current for security). When kali-rolling was selected as the suite, the installation (step 15) was observed to fail repeatedly. On the other hand, the sana suite, being discontinued, lacks a few dependencies (or has wrong versions) and will fail during the upgrade, sending you on a long trip of compiling dependencies from source and iterating. This note predates the 2/2/17 update above: with sana gone from the repositories, select kali-rolling directly. <br />
panagikshttp://www.blogger.com/profile/00069090985515197811noreply@blogger.com0tag:blogger.com,1999:blog-8931623349927840342.post-28171283648744846662016-01-18T14:11:00.000+02:002016-06-28T17:14:58.308+03:00Maintaining a sorted array of tuples ~ PythonHello Pythonistas!<br />
<br />
After some Christmas despair and endless reference searching I thought I could do a good thing and put everything together here ;)<br />
<br />
Objective: Maintain a sorted array of tuples in Python<br />
<br />
For our recipe you will need: 1 array of tuples, 1 array of comparable values, and this post<br />
<br />
The main array (from now on "<code>tupArray</code>") is a Python list of tuples (say tuples of three values), so we have <code>tupArray = [(0,0,0)]</code>. Keep in mind that the value we want to use to keep the array sorted <b><u>HAS</u></b> to be comparable (in Python 3, comparing values that do not support ordering raises a <code>TypeError</code>, and <code>bisect</code> does exactly such comparisons). The second array (from now on "<code>indexArray</code>") is going to act as an index for the first, so it will be sorted too, and it will contain, from each tuple, the element that is our sorting key. Confused? Let me clear it up a bit with an example. Say we want to sort our array of tuples based on the second value of each tuple. This would be <code>tupArray[i][1]</code>. Then, given an already populated and sorted <code>tupArray</code>, the <code>indexArray</code> would be created like this:<br />
<br />
<pre class="prettyprint lang-py">indexArray = []          # the index list, built from the already sorted tupArray
for elem in tupArray:
    indexArray.append(elem[1])   # the field we sort by
</pre><br />
That's it. We now have both <code>tupArray</code> and <code>indexArray</code> populated and sorted. Now to maintaining. This was probably the hardest part, not to understand but to find information about. First, make sure you're familiar with slicing; you can tag along in any case, but a basic understanding of slicing will help you follow much faster.<br />
We will be utilizing a module called <a href="https://docs.python.org/2/library/bisect.html">bisect</a>. Given a sorted list and a value, bisect returns the position at which you would insert that value for the list to remain sorted, and it finds that position by binary search rather than by scanning the list. Bisect has a few variants that let you define whether the new element is placed before or after any existing elements with the same value (<code>bisect_left</code> is for before and <code>bisect_right</code> is for after; we will be using the latter). First import bisect:<br />
<br />
<pre class="prettyprint lang-py">import bisect</pre><br />
Then we call bisect giving <code>indexArray</code> and the element to be inserted as values:<br />
<br />
<pre class="prettyprint lang-py">insertIndex = bisect.bisect_right(indexArray, elementToInsert)</pre><br />
Then we place it in <code>indexArray</code> using slicing:<br />
<br />
<pre class="prettyprint lang-py">indexArray[insertIndex:insertIndex] = [elementToInsert]</pre><br />
This will create a <b><u>NEW</u></b> element at <code>indexArray[insertIndex]</code> and not replace the one already there (like <code>indexArray[insertIndex] = elementToInsert</code> would). Note that the right-hand side of a slice assignment has to be an iterable, and every item of that iterable gets spliced in, which is why the element is wrapped in a one-item list (<code>indexArray.insert(insertIndex, elementToInsert)</code> does the same thing in one call). Finally, we have to insert our tuple into <code>tupArray</code>. For that we'll be using slicing again, and here the wrapping matters even more: a tuple is itself iterable, so without the brackets its three values would be inserted as three separate elements:<br />
<pre class="prettyprint lang-py">tupArray[insertIndex:insertIndex] = [tupleToInsert]</pre><br />
And that's really all there is to it! We've made an index list out of our array of tuples and managed to insert a new element without having to re-sort the array. A little heads-up: if you pop or in any way remove elements from <code>tupArray</code> (and you most probably will), REMEMBER to do the exact same operation, at the same position, on <code>indexArray</code> too, otherwise the two lists drift apart and <code>bisect</code> starts returning positions that no longer match the tuples!<br />
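Putting the whole recipe together, as an added example that is not code from the original post: a small class that keeps <code>tupArray</code> and <code>indexArray</code> (here <code>self.tuples</code> and <code>self.keys</code>) in sync on insert and on removal, with an invariant check and a key-range lookup that the index list makes cheap. The class and method names are assumptions made for illustration, and the sample tuples are constructed.

```python
"""Sorted list of tuples kept in order by one field, with a parallel list of keys.

Added example, not from the original post. SortedTupleList, key_index and the
sample data are assumptions made for illustration.
"""
import bisect


class SortedTupleList:
    """tupArray / indexArray from the post are self.tuples / self.keys here.

    bisect only ever looks at self.keys, so the tuples themselves never need
    to be comparable; only the chosen field does.
    """

    def __init__(self, tuples=(), key_index=1):
        self.key_index = key_index
        # One-time sort by the chosen field; afterwards the list is only maintained.
        self.tuples = sorted(tuples, key=lambda t: t[key_index])
        self.keys = [t[key_index] for t in self.tuples]   # the index list

    def insert(self, tup):
        """Insert tup after any existing tuples with an equal key (bisect_right)."""
        key = tup[self.key_index]
        pos = bisect.bisect_right(self.keys, key)
        # Slice assignment with a one-element list splices in exactly one item.
        # Using tup itself on the right-hand side would spread its fields.
        self.keys[pos:pos] = [key]
        self.tuples[pos:pos] = [tup]
        return pos

    def pop(self, pos=-1):
        """Remove and return the tuple at pos, mirroring the removal on the keys."""
        self.keys.pop(pos)
        return self.tuples.pop(pos)

    def remove(self, tup):
        """Remove one occurrence of tup, searching only the window of equal keys."""
        key = tup[self.key_index]
        lo = bisect.bisect_left(self.keys, key)
        hi = bisect.bisect_right(self.keys, key)
        for pos in range(lo, hi):
            if self.tuples[pos] == tup:
                self.pop(pos)
                return pos
        raise ValueError(f"{tup!r} not in list")

    def between(self, lo_key, hi_key):
        """All tuples with lo_key <= key < hi_key, found by two bisections."""
        lo = bisect.bisect_left(self.keys, lo_key)
        hi = bisect.bisect_left(self.keys, hi_key)
        return self.tuples[lo:hi]

    def is_consistent(self):
        """Invariant: keys mirrors tuples exactly and is sorted."""
        return (self.keys == [t[self.key_index] for t in self.tuples]
                and all(a <= b for a, b in zip(self.keys, self.keys[1:])))


def demo():
    """Constructed sample data: (name, score, tag) tuples sorted by score."""
    s = SortedTupleList([("a", 5, "x"), ("b", 1, "y"), ("c", 3, "z")], key_index=1)
    s.insert(("d", 3, "w"))   # equal key: bisect_right puts it after ("c", 3, "z")
    s.insert(("e", 0, "v"))   # smallest key: lands at position 0
    s.remove(("b", 1, "y"))   # removal updates both lists at the same position
    return s


if __name__ == "__main__":
    print(demo().tuples)
```

Finding the position is O(log n), but the two slice assignments still shift every element after it, so an insert is O(n) overall; that is fine for lists of a few thousand entries and the wrong tool for millions. Since Python 3.10 the bisect functions accept a <code>key=</code> argument, so the parallel list can be dropped entirely: <code>bisect.insort_right(tupArray, tup, key=lambda t: t[1])</code> inserts straight into the list of tuples.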
<br />
Until next time, have fun and happy coding!<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://www.python.org/static/community_logos/python-powered-h-140x182.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://www.python.org/static/community_logos/python-powered-h-140x182.png" /></a></div><div style="text-align: center;"><br />
</div>panagikshttp://www.blogger.com/profile/00069090985515197811noreply@blogger.com1tag:blogger.com,1999:blog-8931623349927840342.post-81376386597681176552015-11-29T08:34:00.000+02:002015-11-29T08:34:21.286+02:00What was and what is JustAddCoffeeA question I've come to ask my self a lot of times as the brand progressed. Initially, in April 2014, we created JustAddCoffee with the vision of making a gaming blog, not to get filthy rich, but as a way to express our views and share the joy we got from the games we played, and the occasional frustration.<br />
<br />
Along the way, seeing that not many people would choose to read in their free time (not from the gaming community we were addressing, at least), we decided to give YouTubing a shot. Although we put a considerable amount of time into it, it was never enough. YouTube, especially when it comes to gaming channels, has a pretty strongly established base. The main challenges were the time it took to produce a decent gaming video and the equipment it took to produce a hardware review. So, having limited available time and a very small budget, we eventually let go of YouTubing.<br />
<br />
So this WAS JustAddCoffee. The above was followed by a period of inactivity, at least on our public pages. During this period we were redefining what JustAddCoffee was, and so we get to what JustAddCoffee is now.<br />
<br />
The fact that we were both programmers and long-time gamers gave us a head start in game development. So yes, that's what we're into right now: indie game development. We've tried many development platforms, from dead simple to exhaustively complicated, and experimented with many genres. Finally we've settled on our choice and are now developing our first game, hoping to give something new to the gaming community.<br />
<br />
So that's who we were, that's who we are and if you want more ... JustAddCoffee! panagikshttp://www.blogger.com/profile/00069090985515197811noreply@blogger.com1tag:blogger.com,1999:blog-8931623349927840342.post-80951443346299898182015-07-13T23:22:00.003+03:002015-07-13T23:28:11.174+03:00Elephone P3000s First Impressions<div class="separator" style="clear: both; text-align: center;">
<a href="http://www.elephone.hk/images/p3000s_img_9.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://www.elephone.hk/images/p3000s_img_9.jpg" height="214" width="320" /></a></div>
<br />
So this isn't going to run as a review but more as a first-impressions post (as the title suggests). I've had the Elephone P3000s for about a week now and thought I'd share the feel I get from using it.<br />
Right off the bat I'll say that I initially chose the brand and the model for the specs/price ratio. At the moment I purchased it, it was around 150 euros and it came with a tempered glass screen protector and the official case (and it does matter).<br />
Things I loved about it and things that let me down. Well, as I said before, the first thing is the specs/price ratio; there's just no way you can't love it. Second comes the design of the phone: elegant, simple and a bit blocky (not totally rounded). The colors are also pretty amazing. Then, toning it down a bit, we move to the battery life. The battery life is good, just nothing special. But being a guy that charges all his electronics every night, it doesn't really affect me. To close with, and the only outright letdown, is the fingerprint scanner. It's just not usable. It works, but it's so damn hard to get it to recognise your fingerprint, as it's angle sensitive, that nearly every time I exceeded the maximum tries and had to use the alternative password, eventually rendering the whole system useless. If you're absolutely looking for a fingerprint-unlockable phone I'd recommend getting a later model with a touch ID system (where the fingerprint scanner is located in the home button and is a bit more forgiving).<br />
<br />
All in all, it's a great device with a great specs/price ratio and will cover almost any user's needs. I've been using it for video streaming, for games, and for e-mail and document viewing, and can't complain about anything. I've also used it as a hotspot for a while, but not enough yet to have a complete view.<br />
<br />
That's all for now!<br />
<br />
(This was to be uploaded to <a href="http://www.justaddcoffee.org/">www.justaddcoffee.org</a> but due to some changes we're implementing to the server the blog will be down for a while) panagikshttp://www.blogger.com/profile/00069090985515197811noreply@blogger.com0